Spring Web Services Framework

org.springframework.ws.soap.security
Class AbstractWsSecurityInterceptor

java.lang.Object
  extended by org.springframework.ws.soap.security.AbstractWsSecurityInterceptor
All Implemented Interfaces:
ClientInterceptor, EndpointInterceptor, SoapEndpointInterceptor
Direct Known Subclasses:
Wss4jSecurityInterceptor, XwsSecurityInterceptor

public abstract class AbstractWsSecurityInterceptor
extends Object
implements SoapEndpointInterceptor, ClientInterceptor

Interceptor base class for interceptors that handle WS-Security. Can be used on the server side, registered in a endpoint mapping; or on the client side, on the web service template.

Subclasses of this base class can be configured to secure incoming and secure outgoing messages. By default, both are on.

Since:
1.0.0
Author:
Arjen Poutsma

Field Summary
protected  Log logger
          Logger available to subclasses.
protected static QName WS_SECURITY_NAME
           
 
Constructor Summary
AbstractWsSecurityInterceptor()
           
 
Method Summary
 void afterCompletion(MessageContext messageContext, Object endpoint, Exception ex)
          Callback after completion of request and response (fault) processing.
protected abstract  void cleanUp()
           
 boolean handleFault(MessageContext messageContext)
          Returns true, i.e. fault responses are not validated.
 boolean handleFault(MessageContext messageContext, Object endpoint)
          Returns true, i.e. fault responses are not secured.
protected  boolean handleFaultException(WsSecurityFaultException ex, MessageContext messageContext)
          Handles a fault exception.Default implementation logs the given exception, and creates a SOAP Fault with the properties of the given exception, and returns false.
 boolean handleRequest(MessageContext messageContext)
          Secures a client-side outgoing request.
 boolean handleRequest(MessageContext messageContext, Object endpoint)
          Validates a server-side incoming request.
 boolean handleResponse(MessageContext messageContext)
          Validates a client-side incoming response.
 boolean handleResponse(MessageContext messageContext, Object endpoint)
          Secures a server-side outgoing response.
protected  boolean handleSecurementException(WsSecuritySecurementException ex, MessageContext messageContext)
          Handles an securement exception.
protected  boolean handleValidationException(WsSecurityValidationException ex, MessageContext messageContext)
          Handles an invalid SOAP message.
protected abstract  void secureMessage(SoapMessage soapMessage, MessageContext messageContext)
          Abstract template method.
 void setExceptionResolver(EndpointExceptionResolver exceptionResolver)
          Provide an EndpointExceptionResolver for resolving validation exceptions.
 void setSecureRequest(boolean secureRequest)
          Indicates whether client-side outgoing requests are to be secured.
 void setSecureResponse(boolean secureResponse)
          Indicates whether server-side outgoing responses are to be secured.
 void setSkipValidationIfNoHeaderPresent(boolean skipValidationIfNoHeaderPresent)
          Allows skipping validation if no security header is present.
 void setValidateRequest(boolean validateRequest)
          Indicates whether server-side incoming request are to be validated.
 void setValidateResponse(boolean validateResponse)
          Indicates whether client-side incoming responses are to be validated.
 boolean understands(SoapHeaderElement headerElement)
          Given a SoapHeaderElement, return whether or not this SoapEndpointInterceptor understands it.
protected abstract  void validateMessage(SoapMessage soapMessage, MessageContext messageContext)
          Abstract template method.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

logger

protected final Log logger
Logger available to subclasses.


WS_SECURITY_NAME

protected static final QName WS_SECURITY_NAME
Constructor Detail

AbstractWsSecurityInterceptor

public AbstractWsSecurityInterceptor()
Method Detail

setValidateRequest

public void setValidateRequest(boolean validateRequest)
Indicates whether server-side incoming request are to be validated. Defaults to true.


setSecureResponse

public void setSecureResponse(boolean secureResponse)
Indicates whether server-side outgoing responses are to be secured. Defaults to true.


setSecureRequest

public void setSecureRequest(boolean secureRequest)
Indicates whether client-side outgoing requests are to be secured. Defaults to true.


setValidateResponse

public void setValidateResponse(boolean validateResponse)
Indicates whether client-side incoming responses are to be validated. Defaults to true.


setExceptionResolver

public void setExceptionResolver(EndpointExceptionResolver exceptionResolver)
Provide an EndpointExceptionResolver for resolving validation exceptions.


setSkipValidationIfNoHeaderPresent

public void setSkipValidationIfNoHeaderPresent(boolean skipValidationIfNoHeaderPresent)
Allows skipping validation if no security header is present.


handleRequest

public final boolean handleRequest(MessageContext messageContext,
                                   Object endpoint)
                            throws Exception
Validates a server-side incoming request. Delegates to validateMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext) if the validateRequest property is true.

Specified by:
handleRequest in interface EndpointInterceptor
Parameters:
messageContext - the message context, containing the request to be validated
endpoint - chosen endpoint to invoke
Returns:
true if the request was valid; false otherwise.
Throws:
Exception - in case of errors
See Also:
validateMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext)

handleResponse

public final boolean handleResponse(MessageContext messageContext,
                                    Object endpoint)
                             throws Exception
Secures a server-side outgoing response. Delegates to secureMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext) if the secureResponse property is true.

Specified by:
handleResponse in interface EndpointInterceptor
Parameters:
messageContext - the message context, containing the response to be secured
endpoint - chosen endpoint to invoke
Returns:
true if the response was secured; false otherwise.
Throws:
Exception - in case of errors
See Also:
secureMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext)

handleFault

public boolean handleFault(MessageContext messageContext,
                           Object endpoint)
                    throws Exception
Returns true, i.e. fault responses are not secured.

Specified by:
handleFault in interface EndpointInterceptor
Parameters:
messageContext - contains both request and response messages, the response should contains a Fault
endpoint - chosen endpoint to invoke
Returns:
true to continue processing of the response interceptor chain; false to indicate blocking of the response handler chain.
Throws:
Exception

afterCompletion

public void afterCompletion(MessageContext messageContext,
                            Object endpoint,
                            Exception ex)
Description copied from interface: EndpointInterceptor
Callback after completion of request and response (fault) processing. Will be called on any outcome of endpoint invocation, thus allows for proper resource cleanup.

Note: Will only be called if this interceptor's EndpointInterceptor.handleRequest(org.springframework.ws.context.MessageContext, java.lang.Object) method has successfully completed.

As with the EndpointInterceptor.handleResponse(org.springframework.ws.context.MessageContext, java.lang.Object) method, the method will be invoked on each interceptor in the chain in reverse order, so the first interceptor will be the last to be invoked.

Specified by:
afterCompletion in interface EndpointInterceptor
Parameters:
messageContext - contains both request and response messages, the response should contains a Fault
endpoint - chosen endpoint to invoke
ex - exception thrown on handler execution, if any

understands

public boolean understands(SoapHeaderElement headerElement)
Description copied from interface: SoapEndpointInterceptor
Given a SoapHeaderElement, return whether or not this SoapEndpointInterceptor understands it.

Specified by:
understands in interface SoapEndpointInterceptor
Parameters:
headerElement - the header
Returns:
true if understood, false otherwise

handleRequest

public final boolean handleRequest(MessageContext messageContext)
                            throws WebServiceClientException
Secures a client-side outgoing request. Delegates to secureMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext) if the secureRequest property is true.

Specified by:
handleRequest in interface ClientInterceptor
Parameters:
messageContext - the message context, containing the request to be secured
Returns:
true if the response was secured; false otherwise.
Throws:
Exception - in case of errors
WebServiceClientException - in case of errors
See Also:
secureMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext)

handleResponse

public final boolean handleResponse(MessageContext messageContext)
                             throws WebServiceClientException
Validates a client-side incoming response. Delegates to validateMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext) if the validateResponse property is true.

Specified by:
handleResponse in interface ClientInterceptor
Parameters:
messageContext - the message context, containing the response to be validated
Returns:
true if the request was valid; false otherwise.
Throws:
Exception - in case of errors
WebServiceClientException - in case of errors
See Also:
validateMessage(org.springframework.ws.soap.SoapMessage,org.springframework.ws.context.MessageContext)

handleFault

public boolean handleFault(MessageContext messageContext)
                    throws WebServiceClientException
Returns true, i.e. fault responses are not validated.

Specified by:
handleFault in interface ClientInterceptor
Parameters:
messageContext - contains the outgoing request message
Returns:
true to continue processing of the request interceptors; false to indicate blocking of the request endpoint chain
Throws:
WebServiceClientException - in case of errors
See Also:
MessageContext.getResponse(), FaultAwareWebServiceMessage.hasFault()

handleSecurementException

protected boolean handleSecurementException(WsSecuritySecurementException ex,
                                            MessageContext messageContext)
Handles an securement exception. Default implementation logs the given exception, and returns false.

Parameters:
ex - the validation exception
messageContext - the message context
Returns:
true to continue processing the message, false (the default) otherwise

handleValidationException

protected boolean handleValidationException(WsSecurityValidationException ex,
                                            MessageContext messageContext)
Handles an invalid SOAP message. Default implementation logs the given exception, delegates to the set exceptionResolver if any, or creates a SOAP 1.1 Client or SOAP 1.2 Sender Fault with the exception message as fault string, and returns false.

Parameters:
ex - the validation exception
messageContext - the message context
Returns:
true to continue processing the message, false (the default) otherwise

handleFaultException

protected boolean handleFaultException(WsSecurityFaultException ex,
                                       MessageContext messageContext)
Handles a fault exception.Default implementation logs the given exception, and creates a SOAP Fault with the properties of the given exception, and returns false.

Parameters:
ex - the validation exception
messageContext - the message context
Returns:
true to continue processing the message, false (the default) otherwise

validateMessage

protected abstract void validateMessage(SoapMessage soapMessage,
                                        MessageContext messageContext)
                                 throws WsSecurityValidationException
Abstract template method. Subclasses are required to validate the request contained in the given SoapMessage, and replace the original request with the validated version.

Parameters:
soapMessage - the soap message to validate
Throws:
WsSecurityValidationException - in case of validation errors

secureMessage

protected abstract void secureMessage(SoapMessage soapMessage,
                                      MessageContext messageContext)
                               throws WsSecuritySecurementException
Abstract template method. Subclasses are required to secure the response contained in the given SoapMessage, and replace the original response with the secured version.

Parameters:
soapMessage - the soap message to secure
Throws:
WsSecuritySecurementException - in case of securement errors

cleanUp

protected abstract void cleanUp()

Spring Web Services Framework

Copyright © 2005-2013 The Spring Web Services Framework. All Rights Reserved.